Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

kovidgoyal — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting kovidgoyal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kovidgoyal develops open-source software primarily used for web scraping and automation, with applications in data extraction and process automation. Historically, their code has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure deserialization. The researcher has disclosed multiple critical flaws affecting various projects, including some that allowed attackers to execute arbitrary code or bypass security controls. While no major public security incidents have been directly attributed to kovidgoyal's work, their CVE history indicates a pattern of security weaknesses that require careful mitigation when implementing their tools in production environments.

Top products by kovidgoyal: calibre
CVE IDTitleCVSSSeverityPublished
CVE-2026-33206 calibre has a path traversal vulnerability — calibreCWE-23 9.8 -2026-03-27
CVE-2026-33205 calibre has Server-Side Request Forgery in ebook viewer backend — calibreCWE-918 8.6 -2026-03-27
CVE-2026-30853 calibre has a Path Traversal Leading to Arbitrary File Write — calibreCWE-22 5.0 Medium2026-03-13
CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing — calibreCWE-307 5.3 Medium2026-02-27
CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection — calibreCWE-113 6.4 Medium2026-02-27
CVE-2026-26065 calibre: Path Traversal can Lead to Arbitrary File Write and Potential Code Execution — calibreCWE-22 8.8 -2026-02-20
CVE-2026-26064 calibre: Path Traversal Vulnerability Enables Arbitrary File Write and Remote Code Execution — calibreCWE-22 8.8 -2026-02-20
CVE-2026-25731 Calibre Affected by Arbitrary Code Execution via Server-Side Template Injection in Calibre HTML Export — calibreCWE-1336 7.8 High2026-02-06
CVE-2026-25635 calibre has a Path Traversal Leading to Arbitrary File Write and Potential Code Execution — calibreCWE-22 8.6 High2026-02-06
CVE-2026-25636 calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution — calibreCWE-22 8.2 High2026-02-06
CVE-2025-64486 calibre is vulnerable to arbitrary code execution when opening FB2 files — calibreCWE-73 7.8 -2025-11-07

This page lists every published CVE security advisory associated with kovidgoyal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.